In message <[EMAIL PROTECTED]> on Fri, 05 Dec 2003 12:06:16 +1300, Jason Haar <[EMAIL PROTECTED]> said:
Jason.Haar> On Fri, 2003-12-05 at 03:25, Vadim Fedukovich wrote: Jason.Haar> > > As far as I know AES is a symmetrical Algorithm which does not use Jason.Haar> > > Public Keys. So the password you give (or more probably a hash of the Jason.Haar> > > password) will be the key for en- and decrypting the data. Jason.Haar> > Jason.Haar> > Doing so would result in a one single fixed key for different messages Jason.Haar> > to encrypt. One should think twice before doing it this way. Jason.Haar> > Jason.Haar> Jason.Haar> I'll take a stab at the answer. Jason.Haar> Jason.Haar> As far as I'm aware, AES - like DES and 3DES before it - Jason.Haar> are *only* used to encrypt data. They take no part in PKI Jason.Haar> to do with public keys/etc. <pick object=nit>Actually, I'm quite sure it can be used to decrypt data as well.</pick> Jason.Haar> The principle in PKI is that you generate a private and Jason.Haar> public key using RSA or DH (?). These are *extremely* Jason.Haar> strong (i.e. computationally expensive operations) Jason.Haar> operations, and are used to do session key exchanges for Jason.Haar> (e.g.) network encryption sessions such as SSL and IPSec. And SSH, and non-network systems like PGP, and... ----- Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. You don't have to be rich, a $10 donation is appreciated! -- Richard Levitte \ Tunnlandsvägen 3 \ [EMAIL PROTECTED] [EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
